As far as I can tell, HTTPSB is not available for Firefox, please fix!

I would love to use something better than ABP (in terms of performance, it does content filtering just fine), but I'm not so desperate to abandon the (warning: subjective content ahead) greatest browser of all times to lower the memory footprint of an ad blocker.

Would be nice if someone forked and start to adapt to Firefox. I would of course work in concert as this would allow to identify parts of the code which is browser specific and which parts can be turned into an independent library.

It however would be really awesome for HTTPSB (which I just installed on chromium and fallen in love instantly with) to be ported to firefox.

Seeing all the privacy-related features treated, by domain/site/everywhere rules, being able to block separately js/plugins/cookies (and by the way, the matrix is a great idea, a lot more useable than anything else out there)... in one extension only. Great work already, gorhill!

Unfortunately the developer is MIA, so the few bugs in the beta aren't going to be fixed anything soon. The most important feature of the beta is wildcard support, so you don't need to add every cloudfront sub-domain manually.

1) I have absolutely no intentions of continuing any work on my hack. The changes I made meet my needs. Feel free to fork if you need additional features.

2) I don't pretend to be an elite javascript developer. I have no idea if my hacks are considered idiomatic javascript or not. I also make no promises that running my hacked version of this extension won't upload all your private data to a server in Russia or cause other problems like having your hard drive explode in a ball of fire.

Just installed the extension and it seems great. Particularly like the matrix UI for allowing/blocking things.

However, I definitely don't want to micromanage things like accepting scripts and cookies for certain sites I use. Is there a way to make it work essentially the same way as AdBlock does? Tried to look in the wiki but didn't find anything.

You can select a "scope" (top-left cell in the popup) which will tells where the rules apply. You can set it to automatically create a temporary domain-level scope when landing on a web page (in Settings tab), and if you select this, I suggest you also select "Auto-delete temporary scopes".

Now any rules will apply only to that scope. For web sites you use regularly, just lock down these rules for that scope, and they will be remembered every time you visit that particular domain.

This is actually the preferred way to use the extension, but I did not make it the default currently.

I'm with this guy, I don't really want to spend much time filtering/selecting. If I can block 90% of the crap in seconds vs. 99.9% of the crap with several day's investment in customizing the filtering, I'll take 90% please.

Thanks for providing the "adblock-like" preset, that was just what I was looking for. Then from here, if/when I run into particularly horrific js, I can block it one-by-one.

... and AdBlockPlus developers closed the issue. One of the reasons given: "missing features [of HTTPSB] are an issue [...] (filter groups, hit statistics etc.)". One of their devs adds "They don't support element hiding, which is one of the main causes for the high memory consumption when using Adblock Plus. Neither do they support popup blocking. [...] [T]here still might be some parts where we can learn from HTTPSB. But the main reason that it is faster and uses less memory is that HTTPSB is less powerful."

Am I doing something exceptionally wrong? I click Restore from file in scoped rules, and then decode recipe. That gets me more json on the left (in a red box, so I assume parsing failed). I then try "Import Rules" and nothing seems to happen. The commit button at the top never allows me to click, and nothing changes.

This is using the abp setup (and a few of the others in stuff/), none of which worked.

The plugin looks really interesting, but I wish it would give more detail about the requests that were blocked/allowed and a better explanation if I blacklist something, is that permanent or do I have to save it each time?

All changes to the matrix are temporary by default. Click the padlock to make them permanent. At first, this might be annoying (though it is just one-click to make it permanent), but once you have all your rules for your usual sites, it's nice that all is temporary by defaults.

There is a request log in the dashboard/Statistics tab where you can see in details (full URL) what was blocked or not.

Does HTTPSB have a keyboard interface? I just installed it and it seems great, but I'd prefer to not use the mouse. E.g. NoScript has Ctrl+Shift+\ to temporarily whitelist the current page's domain and Ctrl+Shift+S to open the drop-down, and the drop-down works well with the arrow keys.

Someone else at some point asked for a pull request for keyboard shortcuts (and other stuff), but at the time I thought that the extension wasn't stable enough feature-wise, and I didn't want to deal with anything which would need constant revision before the feature set stabilize. For instance, I eventually trashed the context menu code that was put in too early because of this.

But now that it definitely is approaching v1.0, it probably does make sense to address that issue.

I've been using HTTPSB since the last time you answered a few questions for me on HN (about a week ago?) and I must say: stunning work!

A quick question: is there a keyboard shortcut I'm missing to enable/disable the request blocking? For the time being I do Cmd+L, Cmd+C, Cmd+Shift+N, Cmd+V to copy the URL into a private browsing window, but it'd be nice to just temporarily enable full functionality on the page, and then disable when I'm done.

Also, for those using the extension: there's a built-in set of rules to enable browsing Google sites: search, gmail, etc. that you can enable by clicking the puzzle piece in the HTTPSB menu. Very helpful.

By default all behind the scene requests are allowed (or else that would break auto-update and other extensions), but you can make it block everything (except of course for those net requests which are not routed through the chrome.webRequest API).

It is quite useful to also see (and control) net requests made by other extensions.

I think you'd see much greater adoption if you included the core HTTPSB library within an easier user interface, specifically targeted to blocking ads / ensuring privacy. At the moment it's a hacker tool that can block ads if you configure it correctly.

If that's not what you're interested in, more power to you, it's just a suggestion since the use-case isn't obvious especially to a "regular" user.

For one thing, HTTPSB doesn't hide DOM elements (I consider this out of its primary purpose), so if you still want this feature, you will have to keep ABP (or whatever equivalent does element hiding).

As for Ghostery or Disconnect, they still can be useful if you use HTTPSB in a permissive way (allow-all/block-exceptionally).

You could even use HTTPSB to block nothing at all, but as a mere reporting tool (with very low footprint), to find out what the other blockers did not block, as net requests will still be reported in the matrix.

And even to the extent that color is being used to convey information, don't rely solely on hue, make sure colors are distinguishable by value as well (in the case of text backgrounds, this is sometimes a better option than a pattern).

It seems to have noscript-level manipulation functionality, which I believe means "no". It appears to be able to block anything & everything, so you would just need to make sure you have the right filtering settings.

httpswitchboard looks like a very interesting extension. I haven't payed attention to what's happening with Chrome the last couple of years, but does this mean that you can finally genuinely block requests with Chrome extensions (something that has long been a problem with Chrome's Adblock extensions)?

This is my new favorite thing. It took me a few moments to 'get it' - eg sites like HN not loading by default, until I enabled them n the matrix display, but I worked it out without by experimentation very quickly and I love being able to edit preferences so fast. Well done, fantastic work.

Many people think of a browser as a tool for displaying text and pictures, with maybe a bit of JS code and some CSS effects on the side. That was true in the late 90s, but these days a browser is actually a fully-fledged programming environment that also happens to have some incredibly sophisticated multimedia capabilities: text, images, video, audio, animations, 3d graphics, etc.

The most popular websites run quite amazing amounts of code, and JavaScript execution is usually the dominant consumer of memory.

If you want a deeper understanding, visit about:memory in Firefox you'll get a detailed breakdown of how memory is used.

> That was true in the late 90s, but these days a browser is actually a fully-fledged programming environment that also happens to have some incredibly sophisticated multimedia capabilities: text, images, video, audio, animations, 3d graphics, etc.

Maybe I just miss the 90s, but I would much rather have the simple content browser than a "full-fledged programming environment", especially since all of that content is coming from the random untrusted intarwebs. Anyone want to write a browser engine that skips all the modern BS and just does a good job delivering mostly-static webpages?

Such a webbrowser would be unable to render a large chunk of the internet, which doesn't sound overly useful.

It wouldn't be able to render a large chunk of the Internet as designed, which, frankly, with 1106 local custom stylesheets applied to fix a huge range of crap and annoyances, sounds very useful and desirable.

Your best bet is text-based browsers: Lynx, Elinks, or mayve Emacs/W3M. On simple sites like HN, they are more or less usable.

I also sometimes wish the Web were just serving data in an easily processable format, and let the user decide what and how they are presented. Of course this would definitely and completely defeat the ads-supported scheme on which sits Internet. An ads-free Web would probably require the resources (media files, services, storage space, bandwidth, etc.) to be massively distributed among the PCs of the end-user, who are already paying for bandwidth, processing power and storage anyway. But it would also be quite inefficient as it would require equally massive fault tolerance.

> I also sometimes wish the Web were just serving data in an easily processable format, and let the user decide what and how they are presented.

It's really sad that many people feel this is the state of the modern www. The original intention - you serve me stuff with suggestions about presentation, but my client software and OS and hardware can do what it likes with that stuff - appears to be long dead.

> Of course this would definitely and completely defeat the ads-supported scheme on which sits Internet. An ads-free Web would probably require the resources (media files, services, storage space, bandwidth, etc.) to be massively distributed among the PCs of the end-user, who are already paying for bandwidth, processing power and storage anyway. But it would also be quite inefficient as it would require equally massive fault tolerance.

I do not use ad blockers. I view ads. If I really like the site and trust their ad network I will click relevant links.

But I loathe the way some websites and apps work. Facebook on iOS opens all links in the facebook app. Apps and websites decide they will not let my zoom or rotate.

Especially hateful are the ads which take me out of a Chrome (iOS) session to open the app store. I contact owners of sites with those ads and politely tell them what happens, and then I cut and padte the URL to a list of sites that I will never ever visit again. This is as bad as the smiley ads that yell " HELLO!! ".

Advertisers seem reluctant to realise that irritating people like me ( ad tolerant) is a rwally bad move and is the reason so many peopke use ad blockers.

>Advertisers seem reluctant to realise that irritating people like me ( ad tolerant) is a rwally bad move and is the reason so many peopke use ad blockers.

You're a tiny, tiny percent of users who actively chooses to view ads. Not to be insulting, but advertisers don't care what you think - the money they lose from your custom isn't worth the effort to make the change.

I don't bother blocking ads and I've never felt the need to install anything.

But the day I come across a site which I deem annoying enough, you can bet I won't hesitate for a second, and that'll just blanket block everything. As long as the advertisers play nice, I don't particularly mind. I don't care to differentiate between 'good' and 'bad' advertisers - just like how I'm not worth their time, neither are they worth mine.

The problem is not the browser. The problem is that modern web pages use a lot of functionality, use a lot of JS libraries and thus require that "full-fledged programming environment". A browser that does not implement it will just not be able to visit modern web pages. A page such as cnn.com weights 2M - and images are just 450 KB of it. Gmail and G+ are between 7 and 8 MB.

Modern web pages are programs and many are becoming bloated, and there is nothing magical a browser can do to avoid it.

The other half to this story is many web developers think the browser will magically clean up for them. I've lost track of how many sites I leave open in the background only to come back and find they're using > 1 GB RAM. I can always tell when it happens though because my laptop fan kicks on seemingly randomly.

With a bit of profiling it's usually that these sites just constantly append to the DOM. Without using circular buffers or otherwise cleaning up, eventually the CPU gets pegged doing constant GC. JS and Web development don't obviate the need for fundamentals and good programming practices.

Anyone want to write a browser engine that skips all the modern BS and just does a good job delivering mostly-static webpages?

This is one thing I wish more people would try (as I am), and quite honestly don't think is as hard as the big browser vendors make it out to be; my view is that the complexity in mainstream browser engines appears mainly based on how they were designed and implemented, and not as a consequence of the web standards they need to implement. The massive numbers of abstraction layers certainly contribute, as is the notion that everything should be extremely flexible and extensible (Web standards don't change all that often, and when they do they tend to do so incrementally.) It would certainly be interesting to see the limits of how simple (in terms of lines of code, binary size, etc.) and/or fast you could make a web browser and still e.g. have it pass Acid2, which probably makes it quite usable for much of the non-webapp part of the Internet.

text, images, video, audio, animations, 3d graphics, etc.

One only has to look at demoscene productions to see that providing a rich multimedia experience doesn't necessarily require all that much in the way of computational resources, and that's partly a reason why I believe web browsers could be made vastly more efficient than the norm today.

I see the problem being that there are essentially four different modalities to online content:

• Reading and discussion. Content-oriented sites. Overwhelmingly, here, Web design isn't the solution, Web design is the problem, and tools such as Readability, Instapaper, and Pocket are increasingly used to address this. Secondarily, content management is a problem, and my suspicion is that a new tool will emerge to displace the current browser model, either one of those mentioned or local clients such as Calibre or Zotero (a bibliographic management tool, though with some document display capabilities). Once content is rendered there's no real call to modify it dynamically. While console-mode / text browsers can be used here, I find they lack the management tools I seek. Discussion would entail some form of standard forum tool, a Usenet 2.0 type concept, ultimately, and would likely be integrated. Editing should support any full-featured local editor of the user's choosing.

• Application platforms. This is where full-featured browsers such as Chrome and Firefox appear headed. I believe they're headed for a rococo collapse -- that is, there's going to be such a degree of overembellishment of the browser that people will eventually abandon them for other, more appropriate tools, as those emerge. This has already happened numerous times in the browser space (Netscape -> Mozilla -> Firefox, MSIE -> anything else), and several times new browsers have emerged whose primary claims to fame were being lightweight and better reading experiences (Skipstone, Galeon, Firefox (initially), Chrome. Most eventually suffer from bloat.

• Commerce. This is currently handled in the browser, and is in fact a principle driver of much of the application functionality. Splitting this from other browsing activity would result in a smaller and saner platform, as well as isolation of financial transactions from other browsing, again, greatly reducing online risks. With a proper payment infrastructure, this should also greatly reduce the general security issues involved with online payments. Arguably this is already happening with the iTunes (Apple) and Play (Google) stores -- apps on mobile platforms.

• Multimedia content. Other than very brief previewing, it's almost always preferable to queue up multiple audio or video streams in an external player. My experience is that this niche is already reasonably well represented, in particular with tools such as VLC which support audio and video content, drag-and-drop queuing, playlists, playback controls, and the ability to correct for audio and video quality (levels, echo, brightness, contrast, etc.). Online players 1) are annoying in general, 2) don't allow for queuing content from multiple sites, 3) have inconsistent (and generally inadequate) controls, and 4) suffer from numerous playback, quality, and performance issues.

I tried disabling JS & cookies and whitelisting exceptions, but it was a pain. I ended up just using ghostery which is the opposite - blacklists exceptions, but with a 3rd party maintaining the list it became much better.

When I install firefox, I only have two plugins. Flashblock and NoScript. NoScript is actively maintained and lets you filter js with all sorts of options, defaulting to 'none at all'. Most sites work either perfectly or to some degree, though some fail to provide any content at all without js.

Given how trivial it is to install the plugin, I think that counts as firefox allowing disabling js.

Okay. If you want to get technical, they ("Phoenix developers") stripped out all the unnecessary Mozilla Suite components, stripped out a ton of browser code, then added their own code. They wanted to be feature-compatible while removing bloat.

Technically it's harder to remain feature compatible if somebody ripped out the "modern BS" from the browser, because anything put into Firefox automatically becomes a de facto web standard. But they're by and large multimedia extensions which shouldn't be considered a necessary part of displaying hypertext.

I think if people want a programmable multimedia platform, that's fine, but they should build it separate from the world wide web so the rest of us can browse the New York Times without a 500MB web browser in resident memory, nor wait for the browser to stop the millions of operations it needs to reload the page due to all the ridiculous and unnecessary crap in the background.

Instead of forking the browser to strip out or redesign the unnecessary crap, i'm suggesting we take pruning shears to Firefox itself, lest we get yet another new tool that tries to replace yet another bloated, antiquated piece of crap.

You don't need a new or changed browser to do any of that. Firefox still renders plain-text HTML that contains nothing more than <h1>, <p> and <a> just fine, blazing fast and I bet it doesn't need much RAM either.

But someone needs to create that content. And you're not getting it from the New York Times unless they can put flashy ads and interactive graphics that entices the majority of the users on the net (who actually enjoy the multimedia platform version of the web).

>Firefox still renders plain-text HTML that contains nothing more than <h1>, <p> and <a> just fine

Not as well as it used to!

Specifically, in the browsers of the 1990s you could "scroll while dragging": i.e., if you start dragging to select some text and you reach the bottom of the window, the window would scroll, allowing you to select more text than just what was on the screen when you started dragging. But at least in Firefox, that does not work anymore. (More precisely, you cannot scroll down although if you start dragging at the end of the selection, you can scroll up.) In other words, browsers have gotten so complicated that even an organization like Mozilla that spends millions of dollars a year on browser development cannot preserve all of the conveniences users used to enjoy for handling text.

My main response, though, is that the browser organizations (Mozilla, Google, MS and Apple) could have balanced the interests of content producers and content consumers instead of their giving content producers (and web-app developers, and marketers) almost everything they want like they have done. It's not as if the New York Times would have withdrawn from the web if the things they could do with code and with stylesheets were more limited.

> Many people think of a browser as a tool for displaying text and pictures, with maybe a bit of JS code and some CSS effects on the side. That was true in the late 90s [..]

It still is for many of us who complain about browser (and web content) bloat. We are on the web for text and pictures, primarily. The things we do online hasn't changed much since the 90s. Having sophisticated multimedia capabilities is irrelevant when we're in it for the content that matters.

That's forgetting the DOM, which is often the actual cause for slowness & memory consumption, but gets far less spotlight than JavaScript. This is also a reason why a framework like react.js is so interesting: it circumvents the real DOM when computing (on a virtual DOM), and only applies the end result.

They changed the browser UI, either the browser devs or the site devs via stupid javascript tricks (messing with scrolling, etc). I got driveby download powned and my CC info stolen and five spam toolbars in the UI I can't get rid of. There are too many spammy ads. They make is as hard as humanly possible to use bookmarks to encourage the use of a search engine every single time you go to a site thus monetizing ad views. Typosquatters. "Journalism" sites with one line of the article per page of spam. Spam "answer" websites.

Chrome has a "star" button right in the address bar, FF and IE have Ctrl+B to create a bookmark.

And both Chrome and FF have a pretty good auto-complete in the address bar (I just have to type "ne" to get Hacker News, "ma" for google mail, "youp" and "yout" for video streams, etc pp).

People vastly underestimate the power of keyboard shortcuts. I work as a freelance consultant/support guy and everyone is surprised how fast I work with even the slowest computers. Most can't believe how much time one can save by knowing at least Ctrl+C/Ctrl+V, Alt-Tab and Ctrl-Tab.

The point is the star button is not in a convenient location in FF 29... I find have to search for the star button now when need to bookmark something. I guess it made to much sense to have right in the address bar so they moved it... The Classic Theme Restorer may be in my near future.

UPDATE: I used the Customize feature to move the star button just to the right of the address bar and that is good enough for me.

What's the use of an uncategorized bookmark? I always drag the url into a bookmark folder in the toolbar (which I always have open; apparently come people hate that.) For uncategorized stuff, well, I guess that's why I have 300+ tabs open right now...

And Tree Style Tabs. Cannot live anymore without TST. That really ought to be in the core. Especially since it's sometimes a little buggy, though that may be because FF is changing underneath it.

Oddly, I'm on Nightly, and the star button is to the right of my url bar. I don't remember moving it back there, and I don't know why I would, since I never use it.

Tons of people. There's all the people using old computers, because they're still plenty good (except when using applications written by people who think they don't have to worry about memory), and all the people on shoestring budgets using cheap computers that are for the most part good enough (except when using applications written by people who think they don't have to worry about memory).

Also, people who let their machine and browser rund 24/7. I'm currently stuck with an 8GB machine because I hit the maximum RAM supported by the mainboard and I don't have the time to go through a full productive machine migration right now.

So I restart my browser every 48 to 72 hours to reduce the memory footprint (which is one of those clunky "hacks", but it still works).

If you think everyone or even most people out there want to upgrade their computers every couple years, and go for models with lots of RAM in them.. I'm sorry, you're wrong. Some geeks might have 16G or 32G but that's it.

Besides, whatever happened to Web browsing being a lightweight activity accessible for everyone even on his grandma's old PC?

The Chromebook Pixel I'm sitting behind right now has 4GB. I find it frequently insufficient for Chromes needs. I bought it a year ago; the websites that I use give me the same sort of content that they did a year ago.

Returning to your original point: I've been working on Firefox's memory consumption for about three years now. There are quite a few people who take your viewpoint. But there are also plenty of people who care very deeply about memory usage. Some of this makes sense, e.g. from people who are on low-end machines. But some of it is less rational... there is a subset of people for which memory consumption is almost a moral issue, and excessive usage indicates the general decay of western civilization, or something like that.

It boils down to images, if you think about it a PNG file is small but when you decompress that to a native bitmap for rendering to a screen, you've suddenly consumed a lot of space. A lot of applications render using the CPU and pass the data to the GPU to display.

Now look at a typical page with images, flash (with images inside) all of the scroll and developers that don't optimise their images and then 100MB of data for a single page isn't really a lot.

Plus memory usage is the wrong metric, I don't really care how much RAM my applications use, I care about how responsive they are. Firefox can use all my RAM if I get great page load times and my other applications don't suffer.

Firefox can use all my RAM if I get great page load times and my other applications don't suffer.

if anything I wish more programs would take full advantage of it.

If every single application behaved like it owned all the memory on your machine, you would have a pretty horrible experience as they'll be basically fighting over what's available and likely hitting the swapfile. On the contrary, I do wish developers would care more about the memory footprint of their applications since they are sharing with all the others. Looking at it this way, optimising performance by using more memory aggressively (and thus reducing the amount of memory other applications can use) seems like a horribly greedy and antisocial way to behave, and thus it makes sense to use as little as feasible to give good performance.

(I'm assuming that the use case here is a browser that you have open along with other applications; if you only have a browser running, then it doesn't matter as much.)

I have 16 gigs of RAM. I'd love to see every program use as much RAM usefully as possible. I don't want programs to write temp files to the drive. I want things to be done in RAM as much as possible to avoid wearing out the SSD.

In fact, every application DOES behave like it owns all of the RAM on the machine. This is what virtual address space does, it's pretending that each program has access to any place in the memory.

I have 1 gig of RAM. I'd love to see every program not waste tens or hundreds of megabytes not doing anything useful with it. I don't want programs to cause heavy swapping and slowdowns, I don't want them to crash because they ran out of memory. I want things to be done reasonably efficiently to allow me to do more with the amazing computing power I did not have fifteen years ago, with a better UX.

Sadly, a lot of current software does behave like it owns all of the RAM on the machine. But modern browsers are particularly bad, and it doesn't help that you need the web for so many things today. With browsers I'm not given much choice.

> This is what virtual address space does, it's pretending that each program has access to any place in the memory.

No, not at all. It's just handing control over to the operating system so paging can be handled transparently and programs can't overwrite each others' memory. Programs still have to acknowledge and respect the fact that memory is a finite resource, and they can't have all of it. That's how it has always been, a virtual address space doesn't change the fact.

Actually my computer is only four years old, and supports up to 2GB of RAM.

It is hard to find a working niche browser when Mozilla and Google are doing everything to make sure the web depends on their behemoths' complexity. They are pushing for the Web Platform. They are constantly adding new features.

I used to use Links 2 as my primary browser until about a year or two ago. I would have preferred to keep using it (actually I still do, but it's no longer primary), but one day, a few years ago, Google said let's kill IE6. I can't remember the date. But I know web devs had a party and since that day, the amount of Javascript on the web has skyrocketed, and it's gone from an optional "experience enhancer" to a requirement in many cases. So I'm not given much choice.

But this isn't just about me personally; I could buy a new computer today if I wanted to. What people have pointed out elsewhere in the comments is true -- there are people who still have old computers, much older than mine. And people (parents too) who cannot afford much else besides aging second hand machines.

What irks me the most about this whole "web must move forward" mentality is that machines that would otherwise be perfectly usable for the sorts of basic tasks one used to be able to do even without these new web technologies (i.e. read email, news, etc.) are being obsoleted and scrapped by people buying newer, much faster hardware --- only to be used just for those same basic tasks again.

Is that really a bad thing though? These old PC's are extremely wasteful with electricity relative to newer ones, so how much money are people really saving? People are so quick to ignore the ongoing costs and obsess over the immediate.

Basic web browsing/word processing is incredibly cheap to do right now in a new PC (sub $200 sans peripherals for the absolute newest hardware). In my opinion, these are machines that will handle web tasks for at least the next 10 years barring some huge shift that I cannot foresee.

I just looked at the adblock-hosts file, and 'tynt' appears several times. One of those lines is commented with a link to an article about tynt[0]. I tried copy-pasting from The New Yorker and TechCrunch (who, as claimed by the author of the article, use tynt), and both times there was no crap appended.

Interesting, my experience with hosts files has been that they do not block ads nearly as well as ABP. A lot of the ads I see are served from the same host as the content. ABP also blocks things like youtube ads that I don't think can be blocked at the DNS level.

I'd love to move the ad filtering out of my browser though, either into a proxy like privoxy or DNS filtering, if it worked well.

Host files are very limited, and when you start dealing with anti-adblock scripts and other css/js scripts on some sites it falls apart.
Basically hosts file was great 10+ years ago when the Web was new(ish) and Adblock was only used by a few. Now we're dealing with CSS, objects, subrequests, first party ad/tracking scripts.

With all the features Adblock Plus gives us, far far more than just blocking xx and yy domains like in a hosts file... Why not just use the extension? Let's leave the host file to the history books.

I like this as well, even works great for windows 8 IE which there is no ad block for otherwise, but sometime I need to see ads and then switching is not worth the hassle. I've been thinking of developing a system tray hosts file switcher for this purpose. You think anyone else would use it?

A quick dive brought me to glibc: seems like everything is done in `resolv/gethnamaddr.c`. Look for `_PATH_HOSTS` mentions: it is defined as "/etc/hosts/". The parsing seems done by the function `gethtent`. However it returns a single `hostent`...

It's a brute-force linear search. _gethtent() returns one line from the hosts file at a time, the loop itself is in _gethtbyname2(). It opens and parses the hosts file every single time. If I were asked to improve this, I'd probably open and parse the file only once, reparsing when the file's been updated, maybe use an on-disk cache file. Second change would be to use a hash table. I don't think anything as sophisticated as a Bloom filter is necessary unless you have truly huge hosts files.

Since gethnamaddr.c appears to be BSD-licensed I'm willing to bet that 99% of all OSs out there (including Windows) are going to have similar if not identical code.

There's a few packages that take a serious approach at adblock-through-hosts-file, including hostsblock[0], linked below.
The cost of the systematic linear search is mitigated by the use of a DNS caching daemon, such as dnsmasq or pdnsd.

Indeed a Bloom filter would be overkill, and I'd rather avoid false positives!

> Many people (including me!) will be happy with this trade-off — they will gladly use extra memory in order to block ads.

Well, for me the whole point of blocking ads is because they are often big flash things that hog cpu and memory. If ABP is no better, then most of the reason is gone. I'd actually like to view ads to support more sites.

Same here; I stopped using ad blockers a long time ago since click-to-plugin performs the essential function they were providing for me. Perhaps I'll reconsider when "HTML5" ads get more annoying/use more resources.

the point for me is the visual noise, not the memory that ads consume. Actually, normal users are used to the lag, they don't see it as much as we do. You can take a look at consoles that have run games at 30fps for decades and nobody complained.

I don't care about the "visual noise" of normal/banner-type ads - the real problem are those fucking layer ads with confusing icons (the X is the left one, the maximize button the right one), so if you want to read the content, first find out which type of layer ad it is, try to spot the 2x2px hotzone for the close button and THEN read the content.

People install adblockers because too many idiots became too fucking greedy and ruined ads for everyone else!

Tell me about it man; I found that food was getting kind of expensive at some of the restaurants I frequented so now I just dine-and-dash, several times a week. Restaurants as a whole had their chance to charge me for food, they abused it, so I took that right away.

Yes! And the cognitive noise. I find it literally impossible to read text if there's some blinking ad nearby. Before Adblock I'd have to put my had up to the screen to block the animation so that I could read the article text in peace.

The one thing I miss from Chrome is the Adblock extension. It has a feature that allows ads on all sites except the ones you explicitly block--a reverse adblock filter, so to speak. I'm ok with seeing ads, but if there's a site I often visit that bothers me (I'm looking at you, weather.com), then I'll block it.

Unfortunately the Firefox version doesn't have this, and neither do the alternative adblock addons I could find.

> Well, for me the whole point of blocking ads is because they are often big flash things that hog cpu and memory.

If you don't want to screw publishers out of compensation for their product but also don't want Flash running arbitrarily on your browser, change your plugin settings to click-to-play (I know Chrome has it but I'm pretty sure Firefox does too). It has the added benefit (for me) of being able to open most video streams in a new tab the way I do with every other article and then consume it at my leisure later.

You do save some memory and CPU usage, but it appears that the cost is usually higher.

You can disable ABP on particular sites. I was going to suggest doing that for sites you frequently visit that don't have ads... but I just did some quick testing and it doesn't seem to change the memory usage at all.

This is like a commercial for forking Firefox to build highly efficient ad blocking into the browser.

It's sad that the most-demanded feature on every browser, as evidenced by plugin downloads, is ad blocking. However, all the major browsers are produced by companies with their hands in advertising, and this conflict of interest has resulted in this feature request going unfulfilled for a over a decade.

I don't think we can block ads in mainstream browsers because ad providers will just work around the blocks. Plugins provide defense in numbers against suck workarounds, making ad blocks actually effective.

What business model do you envision for the web, then? Sure, my own websites are ad-free, but they're purely hobby projects and I don't feel like the (small?) income would be worth the personal discomfort of "selling out". For those who can't afford to develop and host good content for free, what's the solution?

I think this is the biggest problem in the Internet sphere right now. It has been in the backs of everyone's mind for 20 years, but with no other solution available, the Internet has been financed 100% by ads.

I often dream of a world where x% of my ISP bill is paid out in micropayments to the content providers (think about it, we pay ISPs for infrastructure that would be worthless without content, and they get all the cont for free). But that ignores actual bits, so in the end I wish there was a protocol for me to pay for the content I want, and in exchange the provider would give me ad-free content. Now imagine I could choose (or have a browser setting) what level of payment vs. ads I want on each website.

I realize it can't be that simple, the economics of the Internet (from end to end) are much more complicated.

I would like to see a lighter blocking list—one that doesn’t try to be absolutely comprehensive, but just focuses on the 95% of ads that can be fixed at 10% of the cost (actually I think it’d be more like 99% at 0.1% of the cost).

My primary computer is a laptop from 2008 with a 2.5Ghz Core 2 Duo and other than a 1 second delay in startup I don't notice any performance degradation in general use compared to running without ABP.

Currently this machine has been up for 3 days and 17 hours and Firefox has been running the whole time and it is using 303MB with 4 tabs open one of which is the Daily Mail (don't judge!) which is an extremely busy page. This is perfectly acceptable in my opinion. I only have 4GB RAM which by todays standards in not much either. Obviously reducing the memory footprint is great but I can't say it has ever been a problem I have ever noticed.

On a side note the past few updates to Firefox have improved performance a lot. I am really impressed by how much quicker the browser is, especially with Chrome seeming to just get slower and slower with each update.

I've also seen this in some other comment, so I think it's worth pointing out: if you have a desktop computer then yes, it's ok. However, there are also netbooks and notebooks around with a lot less memory than that. Tablets, while not currently one of Firefox markets, are also commonly seen with less than that. Lots of parents with second-hand computers, too, which haven't been touched in a while because it "just works".

The overall attitude towards hardware is apparently "use it for two years, then throw away and get a new one", and yet underpowered computers surround me in a 5:1 ratio. I sometimes have to install plain old versions of software (Office '97 comes to mind) because the new ones provide 5% new features at the cost of half your memory.

Maybe everyone else has techie friends that only care about the latest and shiniest, or maybe the rest of the world is rich enough to throw away perfectly good hardware just because they feel like it. But from my experience (as biased as it is), 4Gb is not an "only" situation.

At the risk of stating the obvious, if your site is ad-funded then annoying users who don't see your ads so they go away and don't come back is a win. If they bitch about it to their friends who also wouldn't see your ads and those friends don't visit in the first place, it is an even bigger win.

I'm not so sure this is "obvious". It presumes that those people will never refer anyone who would watch your ads, and also that search engines won't down rank you in results based on the number of people bailing from your site instantly/avoiding clicking on it.

I agree the position I suggested is only a plausible assumption rather than a self-evident truth. Even so, I think it's a reasonable premise. Most people aren't going to use an ad blocker and then immediately leave your site just because of some related message, so I don't see the search engine issue as much of a danger. You might lose a few people who might have clicked on your ads if someone hostile spreads the word around, but firstly I doubt many people are really going to do that either (do you leave a web site and then immediately post on your blog/Facebook page/Twitter feed that "Site X Sucks!!!11!", really?) and secondly even if they do then I suspect the odds of converting anyone they tell who acts on that information are very low.

No, it only assumes that you don't gain a positive net benefit from a networking effect in a network where people use ad blockers and then get upset and storm off your site if you do something about it. In the absence of data to the contrary, that doesn't seem like an unreasonable assumption.

It seemed like you were confused about the term and or the correct use of the term. The term is "network effect" not "networkING effect." I am not invested in the argument one way or the other. I just wanted to point out how to use the term.

I would recommend Privoxy rather than adblock. I chose it because it can be used with any browser rather than needing to be a plugin and have had great results with it. As a bonus I have it running on a virtual server and use an ssh tunnel on any system I end up using. This gets me round filters and installing things other than ssh. So if I am using my Android phone on free wifi, I know I'm not being dns hijacked or under HTTP MITM attack.

I tried switching to Privoxy the other day. You have to manually convert AdBlock lists to their configuration format, so it's less convenient. On top of that, some sites no longer worked and browsing generally felt slower. I think in the end doing the filtering in a native (C) program is the way to go, but right now it's not comparable to how hassle-free ABP is.

That depends on the proxy. Systems that effectively MITM your own network's traffic have been around for some years now. All you need for outbound connections is to install an additional certificate in your browser so the proxy can act a trusted partner for HTTPS.

I don't know whether anyone has made such a proxy for use in the kind of situation we're talking about here, however.

uh? you can totally filter HTTPS with a proxy, especially with a local one. Either use the option to activate the dump of you keys on disk (a one-liner on every browser) and point the proxy to that file, or just break the SSL in 2 and rely on the proxy for the actual cert check.

> Could AaaS (Adblock as a service) be a viable business? I think I'd pay for it.

It probably could, however I'm sure it would be shut down quickly by advertisers and parties showing ads - after all, you're offering a service to remove their source of income. Unless you'd funnel part of your subscriber's income back to the advertisers, based on whose ads you block. But I'm sure it'd end up being too expensive for the consumer and too much of a hassle for the one offering the service.

Not to mention you'd force your users to funnel all of their internet traffic through your servers, and it wouldn't work with encrypted pages (which large parts of the internet is moving towards)

You do have some information in the browser you can't get to from the outside. For example, the filter with the most hits for me is "@@||192.168.$xmlhttprequest", which whitelists XMLHttpRequests to 192.168.*. A proxy can't really tell the source of a HTTP request. But that kind of thing is sometimes the only indicator telling the difference between an ad and useful content.

I think this is the fourth or fifth time, in recent memory, that I've seen someone from Mozilla criticize Adblock Plus and call on its developers to make changes. ABP startup time and memory consumption were subjects I recall, and its general impact on page load times may have been as well.

I can understand Mozilla taking some interest in how addons behave, and constructive feedback on extensions is a good thing. However, ABP is the type of extension that is likely to have issues in those areas because of what it does. Which is very important to users, especially those who rely upon it for its privacy and security enhancing capabilities. It is those users who should decide whether the performance and resource usage trade-offs are acceptable. Mozilla shouldn't make, or try to make, such decisions.

I'm the author of the post. I was extremely careful to keep the tone of the post neutral. This paragraph sums it up:

> So, it’s clear that ABP greatly increases Firefox’s memory usage. Now, this isn’t all bad. Many people (including me!) will be happy with this trade-off — they will gladly use extra memory in order to block ads. But if you’re using a low-end machine without much memory, you might have different priorities.

If you think this post is unreasonable, I think your skin is too thin.

I noticed that you said that, and expected others to notice as well. I don't really think your post unreasonable. I'm just a little concerned that, even in a case of pure intentions and desire for balance, extension developers may feel pressured to make changes and end up sacrificing features or effectiveness.

Did you notice how some people here, and at your blog, proposed modifications what would trade coverage for memory consumption? Even if that would result in known filter hits being eliminated, and also without qualifying that if such an approach were adopted it should be preference based?

Editing hosts files, installing Privoxy or Glimmerblocker, using Ghostery, Bluhell Firewall - I've tried all of these suggestions and unfortunately ABP is the only way to go if blocking all unwanted pop-up's is a priority.

Anyone knows if this also affects Chrome? I have Chrome saying Adblock is using 126MB of memory, but if there are giant stylesheets injected elsewhere that might no be reported fully in the Chrome task manager.

If you are on a low-end machine and can't afford a larger memory footprint, you should probably be using a lighter browser in the first place, but if you really want to use Firefox and block ads, one option is to just block them through your hosts file, then the addon becomes largely unnecessary.

I'm surprised AdBlock is so popular. I tried it a few years ago and noticed the sluggishness immediately. I know it's not a feasible alternative in everyone's opinion, but if you're running a low end machine and want to block the most pernicious ads (flash, multiple external javascript, etc.) then Firefox + NoScript is the way to go.

I used to run a 700MHZ powerbook, and the fan used to whir away. One day I realised that having Firebug running wasn't helping! But I foolishly hadn't even considered it, as I was so used to running the extension. Adblock Plus I pretty much always install too, so would just think it was normal. It still feels much better than running the adverts!

I did try noscript for a while, but I got fed up having to turn it on for sites that just failed to work without JS, and got bored moaning about it.

That's why you only allow the CDN hosting the videos to run JavaScript and disallow the ad network hosts from running JavaScript. Best of both worlds - you get your video stream but never have to run the ad network JS.

There might be an architecture problem here. Another solution is to use a proxy to block ads, like GlimmerBlocker for OSX. But I didn't investigate memory usage, though I tend to think it will be lower (plus have the added benefit of working simultaneously for all browsers).

A proxy cannot dynamically interact with the DOM, so it cannot do everything a plugin can. I think the solution is to use better datastructures in the plugin and improve the integratation of the plugin with the browser.

Ah, 3 words that always seem to show up together: firefox and memory and usage. I look forward to when I see that 4th word, "minimal", in there as well. Yes, I know original post is about an addin increasing memory usage, but I guess that doesn't surprise me anymore either, sadly, when thinking of firefox.

It's much better than it used to be. For example, Firefox 15 made a class of very common leaks caused by add-ons impossible. Firefox 26 massively reduced the amount of memory used on image-heavy pages. And there have been many smaller improvements over the past three years, under the aegis of the MemShrink project (https://wiki.mozilla.org/Performance/MemShrink).

if 19 million people use it, why hasn't it become a feature firefox offers itself ? doesn't this mean people want some option of blocking ads ? I'm guessing this a native-integrated version will require a lot less memory...